Application Security Engineer

Open Systems Inc.
New York, United States of America
3 days ago

Role details

Contract type
Permanent contract
Employment type
Full-time (> 32 hours)
Working hours
Regular working hours
Languages
English
Compensation
$ 200K

Job location

New York, United States of America

Tech stack

Java
JavaScript
Computer Security
Computer Engineering
Information Management
Python
Open Web Application Security
Software Vulnerability Management
Software Security
Information Technology

Job description

  • Perform Application Security scans (e.g. DAST and SCA) on applications and APIs to identify security vulnerabilities and weaknesses
  • Triage security findings and collaborate with development teams to prioritize and remediate identified vulnerabilities
  • Drive threat modelling as a standard part of the SDLC, and develop and maintain threat models for critical applications, identifying potential security risks and proposing mitigations
  • Drive the Security Champions program, and define and promote secure coding practices, patterns, and standards across development teams
  • Conduct security reviews and provide guidance on security requirements for new features and projects
  • Assist in the analysis, selection and rollout of new application security tools, processes, and standards

Requirements

  • Proven experience in application security with a focus on application security testing and vulnerability management
  • Hands-on experience with Application Security tools
  • Strong understanding of common application vulnerabilities (e.g., OWASP Top 10) and mitigation techniques
  • Experience with threat modelling methodologies and tools
  • Proficiency in at least one programming language (e.g., Java, Python, JavaScript)
  • Excellent communication and collaboration skills, with the ability to work effectively in cross functional teams
  • Strong understanding of risk management
  • Degree in a technology discipline (Computer Science, Information Management, Computer Engineering, Cybersecurity or equivalent)
  • Relevant security certifications (e.g. CISSP, CEH, CSSLP) or equivalent is preferred

Apply for this position